01-30-2015 07:48 PM
While setting up a Lenovo Flex 2-15 and uninstalling some of the unwanted software, I came across the Superfish Visual Discovery software.
After doing some research into Superfish Visual Discovery, I consider this software to be quite invasive. It sits between you and whatever sites you visit to monitor your sessions and extract information (it says photos) to serve you advertisements for similar products you may be looking for. What's even more concerning is that it does this for HTTPS connections that the user would expect to be private between themselves and the server they *believe* they are securely connecting to.
I "uninstalled" it via the "Programs and Features" in Windows 8.1, however I noticed that there are still remnants of the Superfish software left behind.
- There are Superfish root certificates left behind.
- There are Superfish registry entries left behind, some of them relating to SuperfishIEAddon.dll (which there appears to be no add-ons for Superfish in IE for me, but I would like to be sure), and other related registry entries.
- Possibly other remnants of the software I have not seen?
I have spoken on two seperate occasions with Lenovo phone support, both times they insisted that this Superfish software was not installed by Lenovo and that it is malicious and should be removed, at which time they offered to charge me either a one-time fee of $120, or sell me a monthly software support subscription. I insisted that this Superfish software came pre-installed from the factory, citing where it said "Install Date" in the "Programs and Features" (which was the same install date as the rest of the Lenovo software), as well as the registry entry where Superfish is listed under the "MFGApps" string value. Also, I told them about the folder "Program Files\Lenovo\VisualDiscovery" (if I remember the path name correctly) which used to exist, but I was told this was the virus trying to implant itself somewhere.
I find it surprising that the Lenovo software support reps were not aware that Lenovo included Superfish with their laptops.
I and most likely others would appreciate that Lenovo provide a removal tool to *COMPLETELY* remove this Superfish software (and any remnants that remain for those who have already uninstalled it, like myself) i.e. ALL of it's associated files, registry entries, ie add-ons, firefox extensions, chrome extensions, etc. , and provide any other direction as necessary.
01-30-2015 07:57 PM
02-11-2015 09:31 AM
Hi, just bought a lenovo z50-70 and surprise the same program runs...
I notice it as soon as I turn it on...
And now I want to move it but it's not easy...
It's really weird that they install this kind of programme on a new laptop !!
And I'm going to call them cause I can't find a mail to join them from France !!
Really annoying !
(and by the way I only launch the notebook, installed winsows 8, and firefox from mozilla site, and a little addon lightbeam who tells me something wrong with my internet pages... So it must be there at the beginning !! )
02-19-2015 12:20 AM
I have been working in tech software and systems engineering since MICE were not even available for personal computers..I have NEVER seen a brand, of any sort, come OTB with malware.
This is just unreal...and altogether unacceptable. Lenovo is a brand I always have associated with top quality, best practices trustworthy seccurity. The brand has been rock solid, but sliding for years, and lately I have been having some concerns about it's Chinese home...increasingly concerning to me in light of technology security and attacks originating from China. We all know that everything from iPhones to Whirlpool Dishwashers are made in China, but to actually run and HQ this operation there concerns me...
I am about done at this point. I have never, in my career or my life, ever been the 'victim' of a OTB malware device.
I have spent over three hours trying to eradicate the Superfish junk. I worked for an hour to purge two games, also dated at manufacturing time.
I am viewing source for my site work and I see this includes in the header for Best Deals, and McAffee wont detect it, MalwareBytes wont get it, and I am working in CCleaner and Revo Uninstaller and spending hours of precious time I should be working, trying to eradicate my brand new device of a known, malicious set of scripts and apps that were shipped from the factory. I have lost about a half of a day of productivity, and if anyone here is a freelance, consultant, or engineer; they know time is absolutely scarce and deadlines are over our heads; whicch is why we purchased Lenovo's to begin with.
This is a very sad day, I am sad to see my favorite brand go to the dump like this, exploit us, and cause me personal risk that a major company took part in.
Lenovos support on the issue is outright denial. They have not attempted to push an update to eraddicate this malware, which impliments them as knowing aaccessories as far as I am concerned.
Let me make this clear: NO PROGRAM; of ANY calibre, used for ANY device, should ever (EVER!) interface between my keyboard and a HTTPS site.
I have a few more hours, its after 12PM now, I will keep looking for a way to remove this junk, but I wanted to vent my frustration, and I think we need to consider returning our Lenovo device and looking at a solid American brand like Dell maybe, I dont know. This is absud, and Lenovos inaction definately indicates some level of knowledge, and conspiracy to commit sabotage, and destribute malware/spyware to consumers; many of whom are working in sensitive high security projects. I cannot come to any other conclusion after Lenovos refusing to deal with this.
02-19-2015 10:21 AM - edited 02-19-2015 10:30 AM
Not only was this an immensely terrible idea from the very start, but the people who developed this crappy software misspelled its name. Its real name is DUPERPHISH ! This is more like MALWARE, and not just adware, as it secretly, without the user's knowledge, hijacks HTTPS SSL/TLS connections where you thought that you were connecting to a secure Web site such as a bank, financial institution, or online store.
Considering that Lenovo's officials in Beijing have strong ties to the Chinese government, and in light of the NSA's own hardware-based spying, I *NEVER* use a Lenovo computer for any kind of financial transaction. Nor do I store any really personal or sensitive information on a Lenovo computer. They are only good for gaming and some casual Web surfing, and that's it. I am not sure that I entirely trust the NSA's motives either... but I trust them more than having China or Russia siphoning data from me.
02-19-2015 11:59 AM
Heres a link to cleanly remove it via the command line:http://www.tomsguide.com/us/lenovo-superfish-adware-removal,news-20470.html
02-19-2015 03:14 PM
Link to official Lenovo Tip
Hope this helps!
02-20-2015 03:29 PM
I bought the Lenevo Flex 15 in September for college...After hearing about this, I was worried that my computer would be affected. However, after searching my computer, I can't find any Superfish software. Am I okay then?
02-20-2015 03:34 PM
If you do not find the application or certificate mentioned in these uninstall instructions, then you have nothing to uninstall:
Hope this helps!